Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2025-30361

    WeGIA is a Web manager for charitable institutions. A security vulnerability was identified in versions prior to 3.2.6, where it is possible to change a user's password without verifying the old password. This issue exists in the control.php endpoint and ... Read more

    Affected Products : wegia
    • Published: Mar. 27, 2025
    • Modified: Apr. 10, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2024-12905

    An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorize... Read more

    Affected Products : tar-fs
    • Published: Mar. 27, 2025
    • Modified: Apr. 20, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2023-53033

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes t... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53032

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. When first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of an arithmetic expression 2 << ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53031

    In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section Current imc-pmu code triggers a WARNING with CONFIG_DEBUG_ATOMIC_SLEEP and CONFIG_PROVE_LOCKING enabled, while running a threa... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53030

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid use of GFP_KERNEL in atomic context Using GFP_KERNEL in preemption disable context, causing below warning when CONFIG_DEBUG_ATOMIC_SLEEP is enabled. [ 32.542271] ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53029

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt The commit 4af1b64f80fb ("octeontx2-pf: Fix lmtst ID used in aura free") uses the get/put_cpu() to protect the usage of p... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53028

    In the Linux kernel, the following vulnerability has been resolved: Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()" This reverts commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. ieee80211_if_free() is already called from free_netdev(ndev... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53026

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry t... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2023-53024

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, 2039f26f3aca ("bpf: Fix leakage due to insufficient speculative store bypass mitiga... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2023-53023

    In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fix use-after-free in local_cleanup() Fix a use-after-free that occurs in kfree_skb() called from local_cleanup(). This could happen when killing nfc daemon (e.g. neard) after... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53022

    In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetc_tx_onestep_tstamp() This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-0701... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2023-53021

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_taprio: fix possible use-after-free syzbot reported a nasty crash [1] in net_tx_action() which made little sense until we got a repro. This repro installs a taprio qdisc... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2023-53020

    In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in l2tp_tunnel_register() is racy in several ways: 1. It modifies the tunnel socket _after_ publishing it. 2. It cal... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53019

    In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bounds access to array mdio_map. One existing case is stmmac_... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53018

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leaks When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the memory pointed by variable d is not freed, which will cau... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53017

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() When hci_cmd_sync_queue() failed in hci_update_adv_data(), inst_ptr is not freed, which will cause memory leak, convert to ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53016

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. While rfcomm_sock_connect acquires the sk lock and waits for... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2023-53015

    In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() expects 4 report f... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-53014

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the desc_terminated list The des... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 15, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292495 Results